<?php
// submit.php written by Ben Quartermaine June 2009
// Purpose: * receives contact details from registration form
//			* commits new subscribers record to the database
//			* generates a unique validation string using md5 and a secret code
//			* sends confirmation email to subscriber requesting double optin


 include "phpgmailer\class.phpgmailer.php";
 
  //get input from form
 
 $firstName = filter_input(INPUT_POST,"firstName");
 $lastName = filter_input(INPUT_POST,"lastName");
 $email = filter_input(INPUT_POST,"email");
 $phone = filter_input(INPUT_POST,"phone");
 
 
 insertSubscriberRecord($firstName, $lastName, $email, $phone);
 
 

function insertSubscriberRecord($fname, $lname, $email, $pnumber){
	 
	 
	 //connect to the database
	  
	 $conn = mysql_connect("localhost", "root", "BlackBall56") 
	 or die(mysql_connect());
	 
	 //clean escape characters from contact data
	 $firstName =  mysql_real_escape_string($firstName);
	 $lastName =  mysql_real_escape_string($lastName);
	 $email =  mysql_real_escape_string($email);
	 $phone =  mysql_real_escape_string($phone);
	 
	 
	 
	 //select databse
	 $select = mysql_select_db("emailSubs");
	 
	 //build and execute sql statement
	 $sql = "INSERT INTO subscribers VALUES (null, '$fname', '$lname', '$email', '$pnumber', NOW(), 'out');";
	 $result = mysql_query($sql, $conn);
	 
	 //exception checking
	 if($result){
	 	print "<h2>Your application has been received</h2><br />";
		
		
		$resultID = mysql_insert_id($conn);
		
		//print "Result ID: $resultID <br/>";
				
		emailConfirmation($email, $resultID, $fname, $lname);
	 }else{
	 	print "<h2>There was a problem submitting your request. Please contact support</h2>";
  	 }//end if
	 
	 //close database connection
	 mysql_close($conn);	 
	 
} //end insertSubscriberRecord()


function emailConfirmation($email, $resultID, $fname, $lname){
	
	//generate URL for opt in confirmation
	$URL = buildOptinURL($email, $resultID);

	//generate and send confirmation email
	 	$mail = new PHPGMailer("new page");
	 
	 	//set $mail properties
		$mail->IsSMTP(); // send via SMTP
	 	$mail->SMTPAuth = true; // turn on SMTP authentication
	 	$mail->Username = "bjquartermaine@gmail.com"; // SMTP username
	 	$mail->Password = "123ast456"; // SMTP password
	 
	 	//generate mail header
	 	$webmaster_email = "bjquartermaine@gmail.com"; //Reply to this email ID
	 	$email1=$email; // Recipients email ID
	 	$name=$lname . ", " . $fname; // Recipient's name
	 
	 	$mail->From = $webmaster_email;
	 	$mail->FromName = "Webmaster";
	 	$mail->AddAddress($email1,$name);
	 	$mail->AddReplyTo($webmaster_email,"Webmaster");
	 	$mail->WordWrap = 50; // set word wrap
	 	//$mail->AddAttachment("/var/tmp/file.tar.gz"); // attachment
	 	//$mail->AddAttachment("/tmp/image.jpg", "new.jpg"); // attachment
	 	$mail->IsHTML(true); // send as HTML
	 
	 	//generate subject and body
	 	$mail->Subject = "Email subscription Confirmation";
	 	$mail->Body = "Hi $fname, <br />
	 				<p>Please click on the link below to activate your subscription account: <br /></p><p>" . $URL . "<br /> </p>
					If the link does not work please copy and paste it into your browser." ; //HTML Body
	 	$mail->AltBody = "This is the body when user views in plain text format"; //Text Body
	 
	 	if(!$mail->Send()){
	 		echo "Mailer Error: " . $mail->ErrorInfo;
			print "<br />please contact support<br />";
	 	}
	 	else
	 	{
	 		print "You will receive a confirmation email shortly<br />";
	 	} //end if
	 
	//$xportlist = stream_get_transports();
	//print_r($xportlist);
	
	 
} //end emailConfirmation()


function buildOptinURL($email, $subscriberID){
	
	$URL = "http://localhost/emailOpt/optin.php?ID=";
	$validationString = "&Code=" . hashEmail($email);
	
	$URL = $URL . $subscriberID . $validationString;
	
	//print "$URL <br />";
	
	return $URL;
}//end buildOptinURL()



function hashEmail($email){
	// create the MD5 hash 
  $secret_code = 'ffdidshawthe';
  $formatted_email = preg_replace("/(-|\@|\.)/", "", $email);
  $md5String = $secret_code . $formatted_email;
  $hashed = md5($md5String);
  
  return $hashed;

}//end hashEmail()

?>
